TrueCrypt and GnuPG: An Update

Previously we looked at the issues around TrueCrypt and Heartbleed, and noted that a fundamental problem was that technologies we rely on to be safe are often developed and maintained by volunteers or people on a shoestring budget. There is now more news worth looking at in this respect, so it is time for an update.

GnuPG

GnuPG is the Gnu Privacy Guard, and is a free software implementation of PGP. That makes it pretty darned important to anyone who is a free software supporter and a privacy advocate. Yet support for this was drying up. GnuPG was started in 1997 by German software developer Werner Koch, and he was facing financial problems because donations were falling. In fact, he had resolved to walk away from the project in 2013 because he has a family, they need to eat, and so on. But then Edward Snowden put GnuPG in the headlines and it became clear that this was an important technology, so Werner decided not to give up just yet. He started a donation drive, but by November of 2014 it had raised just 7,000 Euros, which won’t support a family. Fortunately, Julia Angwin wrote an article on Pro Publica that went viral:

The response was very gratifying. I know I contributed, and I am sure may other people did, and money started to come in. But the donation model is not sustainable for most projects. There is a well-known issue of “contribution fatigue” that happens when people are constantly bombarded with requests to give money. Even the most generous person can only do so much, and we have families too. As the recent flap over ElementaryOS indicates demanding contributions can drive people away as well. To really make critical free software work you need a mechanism to channel funding where needed in a predictable way. We made an important step in that direction in response to the Heartbleed problem when the Linux Foundation created the Core Infrastructure Initiative. This is a consortium of top companies (e.g. Google, Microsoft, Facebook, Amazon, and many others) that contribute funds which can then be allocated to support key infrastructure (like OpenSSL) that so many companies and projects rely on. This matters because the whole idea of free software is that it can provide freely reusable code to solve problems, and this is a way that code can be supported. In the case of GnuPG this group gave $60,000 for 2015. Then Stripe and Facebook each pledged $50,000 in support. All of this is good, but look at what Werner said in response: “GnuPG does not stand alone: there are many other projects, often unknown to most people, which are essential to keep the free Internet running. Many of them are run by volunteers who spend a lot of unpaid time on them. They need our support as well.”

That is a message we all need to keep in mind. At least for now, though, it looks like GnuPG is on a firm footing, and Werner plans to add a full-time developer which should make it even better.

TrueCrypt

This is another key piece of software that many people relied upon to provide file and disk encryption. Though not exactly Open Source, it was provided free of charge and seemed to do a good job. But legitimate questions were raised about whether it was in fact secure, and developers arranged to have an audit. They had a crowd-funding program to get this going, which I contributed to, and the audit was begun by a team assembled by Matthew Green, a highly respected cryptography researcher at Johns Hopkins University, and someone whose blog I subscribe to.

Phase 1 was an analysis of the bootloader, and it found a few minor bugs worth fixing, but nothing that suggested any deliberate back-doors or other similar security problems. It was basically a clean bill of health for the boot loader. Phase 2 was to be the analysis of the actual cryptography. But then the TrueCrypt developers shut down the project in a mysterious manner, which raised questions in many quarters about whether they were afraid that something would be revealed. My own view is that they just got tired of doing it and walked away, but I don’t think there is a definitive proof of just what exactly was going on. In any case, this raised the question of where TrueCrypt was going, and would the audit be completed.

As to the audit, we now have an answer from Matthew Green in a post on his blog April 2, 2015 entitled Truecrypt report. In this blog post (go ahead, read it, it isn’t that long), he gives the TL;DR as follows: “Truecrypt appears to be a relatively well-designed piece of crypto software. The NCC audit found no evidence of deliberate backdoors, or any severe design flaws that will make the software insecure in most instances.” That is not to say that they found nothing, after all there is probably no software ever written that does not have some issues in it somewhere, and they found a few, but nothing that would pose a problem for users. You can read his article for more, and that has links to the full report. I will add that Bruce Schneier has also added in his blog post TrueCrypt Security Audit Completed regarding these problems “Nothing that would make me not use the program, though.” So the bottom line is that TrueCrypt 7.1a has been audited, the security pros have gone over it carefully, and they found nothing that should make you stop using the software.

Now, you may ask why auditing a dead piece of software is useful. The answer is that 7.1a is the basis for several forks of the TrueCrypt software, so by association it might be assumed, pending further results, that if TrueCrypt 7.1a is good, so are the forks. One of the first was a group in Switzerland that create TCnext. This looks like just an offer of the TrueCrypt 7.1a software, and perhaps is stop-gap until one of the other options matures. CipherShed is another fork, and it emphasizes on its page that it is both free-of-charge and free as in speech. It appears to be attempting a gradual refactoring of the TrueCrypt code with their new code, and looks interesting for the long-term. But for now you would probably not want to use it for production. The third one I will mention is VeraCrypt. This looks like a base of TrueCrypt with some changes made by the developer, but it looks like it is usable in its current form.

Since TrueCrypt is gone, and the developers show no signs of resurrecting the project, you may want to start looking at these alternatives. The question I have here takes us back to sustainable support. Are these projects going to be relying on volunteers? Will they be asking for donations on their download pages to support themselves? I would worry a bit in that case. What I would really like to see is some kind of model whereby enough funding to keep a core team of developers going is reliably available over time.

Of course, there is also a legal issue involved. The license that TrueCrypt was released under does not permit forking. So any attempt to fork the project could be quickly shut down by a lawsuit. Whether that is likely I couldn’t say, but I would take this into account. Although I cannot give legal advice, I think simply offering people a copy of 7.1a, such as TCnext seems to be doing, would be fine. And if CipherShed can create an equivalent with their own code, that might be OK, though the fact they studied the TrueCryot code to get there might be a factor. In the world of commercial software that is under copyright you generally need to show that you did a “clean room” development without looking at the other party’s code to avoid a lawsuit, but I don’t really know how this would work in the case of the somewhat eccentric TrueCrypt license. VeraCrypt may be on the shakiest ground since they seem to be clearly using TrueCrypt code in their product. In terms of personal use, though, you shouldn’t have anything to fear from legal issues, so the biggest problem might be that you adopt a product that is later sued out of existence and have to switch again. Of course, given the extreme reluctance of the original developers to do anything in public, are they really likely to launch a copyright lawsuit? My guess is no.

But the other factor to bear in mind is that TrueCrypt 7.1a has been audited. That is a Big Deal in my book. And it does what you need it do to. If anyone forks the code and starts their own development, will that be as good? Will anyone audit their work? I think for right now I would stick with TrueCrypt 7.1a. Steve Gibson, noted security guru and host of Security Now thinks that the TrueCrypt developers cannot stop the distribution, and has it available on his Web site at https://www.grc.com/misc/truecrypt/truecrypt.htm. Go there and read what he says, it is interesting.